Follow these steps to establish a security trust relationship between the root of the client and the root of the server:
1. Run the ssh-keygen command on the client to generate a certificate that establishes a security trust relationship.
[[Email protected] root] # ssh-keygen-B 1024-T RSA
Generating public/private RSA key pair.
Enter file in which to save the key (/root/. Ssh/id_rsa ):
Enter passphrase (empty for no passphrase): <-- press ENTER
Enter same passphrase again: <-- press ENTER
Your identification has been saved in/root/. Ssh/id_rsa.
Your public key has been saved in/root/. Ssh/id_rsa.pub.
The key fingerprint is:
49: 9C: 8A: 8f: BC: 19: 5E: 8c: C0: 10: D3: 15: 60: A3: 32: [email protected]
[[Email protected] root] #
Note: When the program prompts you to enter passphrase, enter the carriage return, indicating no certificate password.
The above command generates the Private Key Certificate id_rsa and Public Key Certificate id_rsa.pub, which are stored in the. Ssh subdirectory of the user's home directory.
2. Copy the Public Key Certificate id_rsa.pub to the. Ssh subdirectory of the root directory of the server, and change the file name to authorized_keys.
[[Email protected] root] # SCP-P. Ssh/id_rsa.pub [email protected]:/root/. Ssh/authorized_keys
[Email protected]'s password: <-- enter the root user password of the server.
Id_rsa.pub 100% | *************************** | 218
[[Email protected] root] #
When executing the preceding command, the root user of the two machines has not yet established a security trust relationship, so you also need to enter the root user password of the machine server.
After the above two steps, the security trust relationship is established between the root of the client and the root of the server. Let's take a look at the effect:
[[Email protected] root] # SCP-P [email protected]:/root
Text 100% | ************************** | 19
######################################## ######################################## ########
Note:
(1) If the public key of a is given to B, SCP on a can transmit data in B without entering the password;
However, the password is still required for SCP on B. If both parties do not need to enter the password, the public key of B should also be assigned to;
(2) If you want both B and C to enable SCP to transmit data in a without entering the password;
The public keys of B and C should be given to;
Operation Procedure: copy the data in id_rsa.pub of the two machines to the/root/. Ssh/authorized_keys file of A, with one line representing one;
Alternatively, use SCP-P. Ssh/id_rsa.pub [email protected]:/root/. Ssh/authorized_keys to remotely copy the previous one, and then manually copy the other;
This article is from the "Guang pu-It Commune" blog, please be sure to keep this source http://guangpu.blog.51cto.com/3002132/1551384
SCP does not enter the password